…but does anyone listen?

CC-BY-SA is how I roll.

about.me

Community Guy

Greg DeKoenigsberg is the Vice President of Community for Ansible, where he leads the company's relationship with the broader open source community. Greg brings to Ansible over a decade of open source product and community leadership, with the majority of this time spent building and leading communities for open source leader Red Hat. While at Red Hat, Greg served in various community leadership roles, including senior community architect, leader of the Fedora project, chair of the first Fedora Project Board, and Red Hat community liaison with the One Laptop Per Child project. More recently, Greg led community and product efforts for open source cloud pioneer Eucalyptus Systems.

The Netflix OSS team sure knows how to throw a good party. We’ve been to their meetup twice now, most recently at their event last Wednesday, at which they unveiled the Netflix OSS Prize. At this rate, given the amount of interest they’re generating, they’ll need to rent out hotel space for their next event.

What draws the crowd? It’s a good question. The simplest answer, I guess, is that they’re a cool company doing cool stuff — and people want to be like them.

At Eucalyptus, we certainly enjoy working with Netflix, and we enjoy hanging out with them generally, because they’re cool. (And their headquarters are awesome — “spa-like”, one might say.) But we also have very specific interests in following the Netflix approach:

1. Netflix understands cloud. Surely this is obvious; Netflix is one of the most advanced user of cloud services on the planet. They were the first to understand the true value of the AWS model, and in taking full advantage of it, they’ve developed a reputation for being industry leaders who work at true cloud scale. Other leaders now seek to learn from them and emulate their practices.

What does that mean, though — “working at true cloud scale”? In a nutshell: Netflix has embraced the reality that sometimes services just go away. This is the single biggest shift that one must make when moving into the world of cloud: not just accepting, but embracing the idea that sometimes your systems just go away. That’s the point of cloud, and if you don’t build your systems with that mindset from Day One, you’re Doing It Wrong. Netflix has demonstrated an understanding here that few organizations can match. They’ve moved from Chaos Monkey, which randomly knocks over instances, to Chaos Gorilla, which randomly knocks over entire availability zones — and they’ve made these tools, and others like them, available for those who dare to follow their lead.

2. Netflix understands open source. Not just as users, but as producers. They are willing to share some pretty amazing software, because they understand the difference between software that provides differentiating value for their business (the engine) and software that provides non-differentiating value (the plumbing). The more they can share the cost of maintaining the plumbing, the more resources they can commit to the engine. This is a highly strategic choice, which makes them all the more committed to it — they have 26 projects in their Github repo and counting, with no sign of slowing down anytime soon.

3. Netflix OSS requires real AWS API fidelity, and Eucalyptus provides it. Netflix is completely committed to the AWS model, and all of their code currently assumes that you’re using AWS. If you want to figure out if your own AWS compliant IaaS “just works”, the Netflix OSS tools represent the best possible tests of AWS API fidelity. The “Asg” in Asgard, for instance, stands for Autoscaling Groups — so as we get our own autoscaling functionality up to speed for the Eucalyptus 3.3 release, it makes perfect sense to use Asgard as the benchmark to test against. Which is precisely why we demonstrated at the Netflix OSS event: Chaos Monkey for knocking down instances, Asgard for Autoscaling to replace the destroyed instances, and Edda for auditing the whole process — and all working on Eucalyptus precisely as it would work against AWS.

Here’s the point, and it’s a simple one: it’s easy and cool to claim that your private cloud is “AWS API compatible”. But it’s another thing entirely to prove it. At Eucalyptus, we stake our entire reputation on proving it, with every single release. At the Netflix meetup, people walked up to our demo station, and they could *see* Netflix OSS on a private cloud. Edda, Asgard, and Chaos Monkey, all running in the cloud that was sitting right there on the table next to them.

We’ve got two hours worth of demo video from yesterday’s show and tell session for Eucalyptus 3.3 milestone 4 — with every milestone, we continue to improve the most compatible AWS private cloud platform. ELB, autoscaling and cloudwatch are pretty much in the bag; now it’s mostly spit and polish. For those who don’t want to watch the whole two hours, but are interested in the progress of various features, here’s the timings of the various demos:

At 2:38, David Kavanagh talks about data management features in the UI.

At 11:00, Ean Schuessler talks about data layer architecture changes in the UI.

At 25:42, Jeff Uphoff at 25:42 talks about migrating instances from one node controller to another.

At 45:15, Vasya Kochergin talks about migrating instances in vmware.

At 51:35, Swathi Gangisetty talks about support for NetApp cluster mode.

At 1:19:30, Steve Jones talks about autoscaling improvements.

At 1:28:56, Ken Edwards talks about cloudwatch improvements.

At 1:37:35, Evan Thomas talks about cloudwatch alarms.

At 1:49:20. Sang-Min Park talks about elastic load balancing.

At 2:05:45, Matt Spaulding talks about the elastic load balancer VM.

Enjoy. As always, if you have any qyestions, feel free to ask on IRC (#eucalyptus on freenode) or join our mailng list.

P.S. we should have Silvereye builds of 3.3m4 available early next week.

After every sprint, the Eucalyptus engineers hold a Show and Tell session, where they share what they’ve been working on with everyone else in the company. Technically, these Show and Tell sessions are for “product management validation acceptance” or some such blah blah blah — but I like it because it lets all of the engineers strut their stuff, so they can be stars inside the company.

Well, bleep that. I say let ’em be stars outside of the company too!

Thus: on Wednesday March 13th, at noon Pacific time, we will be opening our Show and Tell to the entire world. It’ll probably run a couple of hours or so. Some of the goodies we’ll be showing for 3.3 Sprint 4:

* nearly full implementations of ELB, Cloudwatch, and Autoscaling

* mechanisms for node evacuation and instance migration

* user console improvements and features

* next generation storage adapters

We’ll run a Gotomeeting session for the audio and screen sharing, and we will be on #eucalyptus-meeting on freenode for those who want to ask questions of the Eucalyptus engineering team — time allowing, of course, since we’re going to have a lot to show off. :)

Recently, we released our latest milestone build for Eucalyptus 3.3. Go take it for a spin. This is a big one, since it incorporates, for the first time, functional versions of the “Big Three” AWS services we’ll be releasing later this spring: Autoscaling, Elastic Load Balancing, and Cloudwatch. It also presents a good opportunity to step back and look again at our AWS compatibility story.

It’s no secret that Eucalyptus believes in the power of the Amazon Web Services API. Amazon continues to be the dominant public cloud, and they continue to widen the gap between themselves and the other public cloud providers. This is thanks, in large part, to an API that is well considered, well documented, and has therefore spawned a powerful and growing ecosystem. The rule of thumb for those who are developing code for the public cloud has thus become “make it work for Amazon first” — to such a degree that even VMware is running scared.

Such is the strength of the de facto standard. The abstractions that are now being developed by every other cloud provider are either strongly influenced by, or derived directly from, the abstractions pioneered by AWS. Every single cloud provider has their own alternatives to EC2 and S3 — but AWS, having mastered these services long ago, is now moving quickly through a set of higher level abstractions. It is possible — perhaps even likely — that the AWS API, as the continual representative of the newest and best cloud abstractions, will emerge as a dominant standard for cloud applications in much the same way that the LAMP stack emerged as the dominant standard for web applications. It will simply be assumed that if you want to provision applications rapidly at scale, you will either write an application that uses the AWS API directly, or you will depend upon a PaaS that works first and best with the AWS API.

To us, it has always made perfect sense to follow Amazon’s strong lead. To build the strongest private cloud, build the best possible complement to the strongest public cloud. And to ensure that users always have options, make sure that the private cloud in question is open source.

The next, obvious question: how do we do that, exactly?

We’ve been refining our approach for more than half a decade. Which is about a thousand cloud years. Our approach can now be boiled down to two fundamentals:

2. Leverage the AWS ecosystem to define and test the limits of compatibility. Which means relentlessly testing third-party tools and libraries against Eucalyptus, and being satisfied only when those tools work as well against Eucalyptus as they would work against AWS. Compatibility is a journey, and we will consider ourselves “compatible” when our users can treat Eucalyptus as their own personal region of AWS. Think of it a hybrid cloud Turing test.

All that said, we strongly encourage the diversity of tools to create a high-level compatibility between AWS and other public cloud services, and we see some value in tools like AWSome and Deltacloud and CloudBridge and the like. Over time, as other cloud vendors continue to refine their own versions of the AWS abstractions, it will be easier to make common high-level tools that encompass actions across all various public and private clouds, and that may make it a bit easier for developers to write code that is truly portable across many different clouds. (Then again, maybe not.) In the meantime, though, we will let others focus on Broad Compatibility, while we continue our laser focus on Deep Compatibility, and the advantages that we will provide to our users as a result.

Anyway. Go install the latest milestone build for yourself. We’ve also got some great demo scripts that will allow you to try out the latest and greatest functionality. Don’t hesitate to drop by on IRC (#eucalyptus on freenode) and let us know what you think.

The ami2emi project has been moving along. As in, it actually works for a number of cases now. Configure cloud parameters for AWS and Euca, run a script, and boom: your chosen AMIs are brought to life on your Euca cloud. When it works, it Just Works. It’s cool. :)

Note that these cases do *not* yet cover configuration of the applications themselves — just the images. The bits might still need to be twiddled to get the apps working properly, but all of the actual bits are successfully transferred into the new image, and the new image successfully spins up instances, and you can ssh to them and everything.

The AMIs that can currently be auto-slurped into Eucalyptus successfully share certain characteristics:

1. They carry their own kernels inside the image. On the AWS side, that means they’re linked against the stock pv-grub kernels, and we link them similarly to the kexec-loader kernels on the Euca side.

2. They’re instance-store images, rather than EBS-based images. At least so far.

You can find the list of currently tested images here. That list will expand rapidly as we have time to run more test cases.

Note the large number of Bitnami instances in this list. That must be because they’re Crazy Awesome.

So, give it a whirl. Patches exceptionally welcome, since it’s heinous bash scripting and I can use all the help I can get. At least I document my code, sorta. :)

One of the most common questions I’ve heard asked from Eucalyptus users is this one: “how easy is it to convert an AMI to an EMI?” And the answer is: not as easy as it should be.

We’ve got some process guidelines on our wiki, thanks to Tim Gerla — but we should have the ability to do much of this automagically. So that’s the tool I’ve started work on. In the spirit of “release early release often”, I’ve uploaded a very early iteration of this tool. Find the brand new Github repo here.

It’s quite a ways yet from being prime-time, but it’s allowed me to do quite a bit of testing. Some assumptions I’ve started with:

* First, I pulled a list of all public AMIs on us-east-1. There were about 20,000 public images available there as of mid-November.

* Then I selected the subset of AMIs that were built with a PV-GRUB kernel, and I’m importing them to an instance of Eucalyptus running the kexec-loader kernel. In both cases, the AKI/EKI is just a bootstrapping mechanism that then hands control over to the image’s own kernel, so we shouldn’t get caught up by kernel incompatibilities. Using only the subset of kernels with PV-GRUB AKIs leaves us with about 7000, and picking one particular AKI (aki-825ea7eb) gives us about 1700.

* From there, we’re working with individual distros, and there will be idiosyncracies between the various distros out there, so it makes sense to pick one and go with it. There’s a lot of Ubuntu out there on AWS, so I just grepped on AMIs with “ubuntu” in the name. That’s 1067 images in my dataset.

* Now that we’ve got a reasonable set of images to examine, here’s the process that the scripts walk through. For each AMI, we start an AWS instance, ssh to that instance, install euca2ools if they aren’t already installed, scp Euca credentials to the instance, and bundle the instance to the specified Euca cloud. Then we fire up the resultant EMI on the Eucalyptus side and see if we can ssh in. And we bail with appropriate error messages at various places along the line.

I’ve run through a few hundred images at this point. Not one of them has been completely successful from start to finish. About 10% so far have yielded a bundled EMI that boots and yields a Eucalyptus instance in a running state. Can’t ssh into any of them yet, though.

The good news is that the failures are all quite specific and predictable, and the next steps are clear. Do a better job of guessing login IDs. Figure out why fstabs fail. Look for rogue kernel modules. Make sure we’re doing key injection properly on the Euca end. Comb through the results of euca-get-console-output and look for patterns. The big win is having tools that allow us to do that work in minutes, rather than in hours or days. Every step gets us closer to the goal of fully automated conversions on the fly.

Oh, and an apology: a lot of this should probably have been written using Eutester, instead of as a bunch of shell scripting. The fact is, I’m a terrible hack. But I’m just leading the charge temporarily; when I’ve figured out the basics, the real coders can swoop in and do things the right way. In the meantime… patches welcome.

We’re big fans of the Cobbler project here at Eucalyptus. We think it’s the best tool in the open source world for bare metal provisioning. We’ve invested in a gigantic QA environment for continual integration testing, and Cobbler is one of the linchpins of that environment. It’s the kind of tool that’s best appreciated by sysadmins who deal with *a lot* of systems.

I’m sort of attached to Cobbler personally, since I watched it grow out of Red Hat’s Emerging Technologies team several years ago. Now it’s grown past its Red Hat roots to become a truly independent project — and independent projects need support from time to time.

The Cobbler folks have set up an Indiegogo campaign to raise some funds for some much-needed infrastructure, and as proud Cobbler users, we are proud to help them out. Their goal is to raise $4000, and Eucalyptus will match every donation, dollar for dollar, until they reach their goal.

If you’ve used Cobbler and it’s helped you do your job, pitch in. The campaign is running for two more weeks; let’s help put them over the top.